CN103608820A - Enabling a software application to be executed on a hardware device - Google Patents
- Publication number
- CN103608820A, CN201280026330.7A
- Authority
- CN
- China
- Prior art keywords
- function
- secret key
- hardware circuit
- software application
- software
- Prior art date
- Legal status
- Granted
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
- G06F21/125—Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
Abstract
The invention provides a method, a hardware circuit and a hardware device for enabling a software application to be executed on a hardware device in dependence of the hardware circuit, while preventing the execution of a binary copy of the application in another hardware device. Challenge data originating from the software application is input to a hardware circuit of the hardware device, wherein the hardware circuit is configured to perform a deterministic function. Response data is generated by the hardware device, which is used to manipulate at least a part of the software application, thereby enabling the software application to be executed.
Description
Technical field
The present invention relates to protecting software applications. More specifically, the invention relates to enabling a software application to be executed on a hardware device.
Background
Software obfuscation is a known technique for implementing software programs such that they are hard to reverse engineer. The technique typically replaces software functions with sequences of table lookup operations and merges the function lookups with transformation functions, which makes it substantially infeasible to discover the function and the function parameters. The resulting secured software program performs input and/or output operations that consist of transformed parameters. These transformed parameters may require specific adaptations in the modules that interface with the secured software program.
Data and software obfuscation techniques make use of transformation functions to obfuscate intermediate results. The concept of transformation functions differs from encryption, as is illustrated in general terms with reference to Fig. 1.
Assume that an input domain ID with a plurality of data elements exists in a non-transformed data space. An encryption function E using some key is defined, which is configured to accept the data elements of input domain ID as input and to deliver corresponding encrypted data elements in an output domain OD. By applying a decryption function D, which uses a key corresponding to the key used by encryption function E, to the data elements of output domain OD, the original data elements of input domain ID can be obtained. In a non-secure environment (commonly referred to as "white box"), an adversary is assumed to know the input and output data elements and to have access to the internals of encryption function E during execution. Unless extra precautions are taken in this environment, the key can be derived.
Additional security can be obtained in a non-secure environment by applying transformation functions to the input domain ID and output domain OD, i.e. the transformation functions are input and output operations. Transformation function T1 maps data elements from the input domain ID to transformed data elements of a transformed input domain ID' in a transformed data space. Similarly, transformation function T2 maps data elements from the output domain OD to the transformed output domain OD'. Transformed encryption and decryption functions E' and D' can now be defined between ID' and OD'. If inverse transformations are to be performed, for example when results are to be communicated to the non-transformed space, T1 and T2 are injections.
Using transformation functions T1, T2 together with encryption techniques means that, instead of inputting data elements of input domain ID to encryption function E to obtain encrypted data elements of output domain OD, transformed data elements of domain ID' are input to the transformed encryption function E' by applying transformation function T1. The transformed encryption function E' combines the inverse transformation function T1⁻¹ and the transformation function T2 in the encryption operation to protect confidential information, such as the key. Transformed encrypted data elements of domain OD' are then obtained. The keys for encryption function E or decryption function D cannot be retrieved when analysing the input data and output data in the transformed data space.
One of the transformation functions T1, T2 should be a non-trivial function. If T1 is a trivial function, the input domains ID and ID' are typically the same domain. If T2 is a trivial function, the output domains are typically the same domain.
In general, a secured software application uses transformed intermediate results, which are unusable when intercepted. This property makes it possible to protect confidential data in a secured software application. Several techniques are known for restricting the functionality of a secured software application to a few (or one) particular devices.
Transformation technology can be used to protect a wide range of software programs. Fig. 2 and Fig. 3 illustrate a known example of how a physical smart card as used in a digital TV environment (see Fig. 2) can be replaced by a secured software implementation of the smart card functionality (see Fig. 3). It is to be understood that the invention is not limited to the field of digital TV.
Fig. 2 schematically shows an example of a typical digital TV receiver 2a, which receives encrypted digital TV content from a headend 1 and outputs a signal to an output device 4 for displaying the digital TV content to an end user. The arrows indicate data flows in the directions shown. The headend 1 transmits the digital TV content to a large number of receivers 2a. The receiver 2a uses an input module 21 to acquire the transmitted digital TV signal, which is then provided to a content processing module 22a. The content processing module 22a is typically implemented on the basis of a general-purpose processing unit 23a (e.g. using a 32-bit CPU) extended with a secure electronic circuit 24a that provides security functions such as encryption, decryption and secure key storage. This processing may involve processing steps implemented in a removably attached smart card 3. The result of the content processing is a signal suitable for rendering on an output device 4 such as a television set.
The headend 1, the secure circuit 24a and the smart card 3 are implemented as secure modules that make it hard for an attacker to modify their intended operation. The input module 21, the processing unit 23a, the output device 4 and the interfaces between the modules are typically accessible to an attacker, so their proper operation cannot be relied upon.
Fig. 3 schematically shows an alternative example of a known digital TV receiver 2a, which receives encrypted digital TV content from a headend 1 and outputs a signal to an output device 4 for displaying the digital TV content to an end user. The arrows indicate data flows in the directions shown. The headend 1 transmits the digital TV content to a large number of receivers 2b. The receiver 2b uses an input module 21 to acquire the transmitted digital TV signal, which is then provided to a content processing module 22b. The content processing module 22b is typically implemented on the basis of a general-purpose processing unit 23b (e.g. using a 32-bit CPU) extended with a secure electronic circuit 24b that provides security functions such as encryption, decryption and secure key storage.
Given the general availability of a secure circuit module 24b, the smart card 3 of Fig. 2 can be replaced by a secured software implementation running in the content processing module 22b. To this end, the processing unit 23b is provided with additional software for the functionality formerly implemented by the smart card.
As in the example of Fig. 2, the headend 1 and the secure circuit 24b are implemented as secure modules that make it hard for an attacker to modify their intended operation. The input module 21, the processing unit 23b, the output device 4 and the interfaces between the modules are typically accessible to an attacker, so their proper operation cannot be relied upon. To protect the smart card functionality in the attacker-accessible environment of the processing unit 23b, the functionality is implemented using secured software techniques. The secure circuit 24b contains a memory for a set of secret keys which, together with the output of the processing unit 23b, are used to derive a content key for use in a descrambling circuit in the secure circuit 24b. One of the secret keys is installed during the manufacturing process. This so-called chip secret key is used to securely load the other secret keys. A key loading message is embedded in the secured software and is used to load a known secret key into the secure module. The secured software also has a fixed-key encryption routine, which encrypts the content key with the secret key that is stored in encrypted form in the key loading message. The fixed-key encryption routine in the secured software application restricts the application to execution on devices that can decrypt the key loading message associated with the secured software application.
Known techniques for enabling an obfuscated software application to be executed on a specific hardware device (also known as node locking) have in common that the output of the processing unit running the obfuscated software is used by the secure circuit as input to one or more secure functions of the secure circuit. If the output of the processing circuit is incorrect, the secure circuit cannot perform the secure function correctly. Execution of the software application itself, however, is not prevented. In the examples of Fig. 2 and Fig. 3, for instance, the output of the processing unit 23a, 23b is used by the secure circuit 24a, 24b as an input key that enables decryption of the digital TV content, or as a qualifier that the receiver 2a, 2b knows a (secret) key.
It is known that a software application running in the processing unit may poll a predefined memory location and use the resulting data in the further execution of the application. If the resulting data is incorrect, the software application will cease to operate correctly. The memory location is, for example, a specific hardware register containing e.g. a unique value or a cryptographic key. The security provided by this polling method is limited, because the content of the memory location can be modified.
It is known that a probing function implemented in the processing unit may, for example, activate a physical unclonable function (PUF), which produces a response based on a challenge input provided to the function. PUFs are hard to implement because they have an initialisation problem. Another problem associated with PUFs is that the sender of a challenge input needs to know in advance the possible response output of the PUF when triggered by the challenge input, because each PUF in each receiver is unique and produces an unpredictable response to a challenge. A PUF can only be characterised by a suitably large set of challenge-response pairs, which can be obtained by measuring the responses to challenges at manufacturing time or at a later stage in the deployment of the device.
There is a need for an improved technique that enables a generic software application to be executed in a hardware device while preventing execution of the application, or of a binary copy of the application, in another hardware device, without the drawbacks of the prior art identified above.
Summary of the invention
It is an object of the invention to provide a technique that enables a software application to be executed in a hardware device while preventing execution of the application, or of a binary copy of the application, in another hardware device.
According to an aspect of the invention, a computer-implemented method is proposed for enabling a software application to be executed on a hardware device in dependence on a hardware circuit of the hardware device. The method comprises inputting challenge data originating from the software application to the hardware circuit of the hardware device. The hardware circuit is configured to perform a deterministic function. The method further comprises generating response data using the function, with the challenge data as input to the function. The method further comprises using the response data to manipulate at least a part of the software application, thereby enabling the software application to be executed.
According to an aspect of the invention, a hardware circuit is proposed for enabling a software application to be executed, in dependence on the hardware circuit, on a hardware device comprising the hardware circuit. The hardware circuit is configured to perform a deterministic function that uses challenge data originating from the software application as input to the function to generate response data for manipulating at least a part of the software application, thereby enabling the software application to be executed.
A deterministic function differs from a non-deterministic function such as a PUF. A deterministic function typically returns the same result any time it is called with a specific set of input values. A non-deterministic function typically returns different results when it is called with a specific set of input values. Moreover, a deterministic function can typically be expressed mathematically, whereas a non-deterministic function such as a PUF cannot.
The operation of the software application (or at least some aspects of its operation) depends on the presence of the hardware circuit with the deterministic function. It is therefore the presence of the hardware circuit that unlocks the hardware device for use by the software application. The execution of the software application is thus anchored to the hardware circuit, so that the software application can only be executed in the specific hardware device that contains the hardware circuit with the deterministic function.
It is to be understood that enabling a software application to be executed means that the software application can be executed correctly or as intended. Response data from a hardware circuit that is not intended to be used with the software application can be used to manipulate the software application, but in that case the software application will be manipulated incorrectly, resulting, for example, in the software application executing and producing meaningless output, or in an interruption.
The embodiments of claims 3-6 and 16 advantageously enable the use, in the hardware circuit, of cryptographic functions of a kind known to be embedded in hardware. Examples of suitable cryptographic functions are an encryption function, a decryption function, a keyed hash function and a pseudo-random number generator.
The embodiment of claim 7 advantageously enables the software application to be anchored to the hardware circuit when executed in the hardware device. Inverting the response data may make it possible to derive the challenge data, or data in which the challenge data has been further processed by e.g. the hardware circuit.
The embodiment of claim 8 advantageously enables a cryptographic function in the software application to be anchored to the hardware circuit when executed in the hardware device.
The embodiment of claim 9 advantageously enables a fixed-key cryptographic function to be used to anchor the software application to the hardware circuit when executed in the hardware device.
The embodiment of claim 10 advantageously enables the software application to be anchored to the hardware circuit in an alternative manner when executed in the hardware device. The inverse function compares the output of the function in the hardware device with the output of a further function in the secured software module, and generates the inverse response data using the comparison result. If the comparison result is incorrect, the inverse response data should be generated such that it differs from the challenge data, thereby inhibiting further execution of the software application.
The embodiment of claim 11 enables an alternative to the embodiments of claims 7-10.
The embodiment of claim 12 advantageously enables an encrypted software application that is anchored to the hardware circuit to be decrypted.
According to an aspect of the invention, a computer-implemented method is proposed for adding a random data block to an encrypted software application. The method comprises dividing the software image of the encrypted software application into blocks of equal length. The method further comprises determining a replacement block, which is the one of the blocks that is to be replaced by the random data block. The method further comprises applying a cipher-based message authentication code (CMAC) function to each block up to the replacement block. The method further comprises applying an inverse CMAC function to each block, starting from the last block, down to the block after the replacement block. The tag T equals the encryption key used to encrypt the encrypted software. The tag T is decrypted with the CMAC key K. The decrypted tag T is added to a CMAC-key-dependent value V1 and the last block to obtain an intermediate result. The intermediate result is decrypted using the CMAC key K. The decrypted intermediate result is added to the preceding block to obtain a further intermediate result, and the decryption and addition of further intermediate results are repeated until the replacement block is reached. The method further comprises adding the last result of the CMAC function to the last result of the inverse CMAC function to obtain the random data block. The method further comprises replacing the replacement block with the random data block. The CMAC key K corresponds to a further CMAC key K in the hardware circuit of the hardware device.
An encrypted software application can thus be obtained whose decryption is anchored to the hardware circuit of a specific hardware device.
The embodiment of claim 17 advantageously enables the hardware circuit to be embedded in an existing chip or chipset.
According to an aspect of the invention, a hardware device is proposed that comprises a hardware circuit having one or more of the features described above.
The embodiments of claims 18 and 19 advantageously enable the software application to be executed on commonly used hardware devices.
According to an aspect of the invention, a software application is proposed which, when executed by a processor, is adapted to use response data to manipulate at least a part of the software application, thereby enabling the software application to be executed on a hardware device in dependence on a hardware circuit of the hardware device, the response data being generated by a deterministic function in the hardware circuit that uses challenge data as input to the function, wherein the challenge data originates from the software application.
Embodiments of the invention are described in more detail below. It should be appreciated, however, that these embodiments are not to be construed as limiting the scope of protection of the invention.
Brief description of the drawings
Aspects of the invention are explained in more detail with reference to the exemplary embodiments shown in the drawings, in which:
Fig. 1 is a diagram illustrating transformation functions and encryption in general terms;
Fig. 2 is a schematic diagram of a prior-art digital TV receiver system for processing encrypted digital TV content;
Fig. 3 is a schematic diagram of another prior-art digital TV receiver system for processing encrypted digital TV content;
Fig. 4 is a schematic diagram of a digital TV receiver system for processing encrypted digital TV content according to an exemplary embodiment of the invention;
Fig. 5 is a schematic diagram of a software application anchored to a hardware circuit according to an exemplary embodiment of the invention;
Fig. 6 is a schematic diagram of a CMAC function as used in a hardware circuit according to an exemplary embodiment of the invention;
Fig. 7 is a schematic diagram of a CMAC function as used in a hardware circuit according to another exemplary embodiment of the invention;
Fig. 8 is a schematic diagram of a CMAC function as used in a hardware circuit according to another exemplary embodiment of the invention;
Fig. 9 is a schematic diagram of a software application anchored to a hardware circuit according to another exemplary embodiment of the invention;
Fig. 10 is a schematic diagram of a software application anchored to a hardware circuit according to another exemplary embodiment of the invention;
Fig. 11 is a schematic diagram of a software application anchored to a hardware circuit according to another exemplary embodiment of the invention;
Fig. 12 is a schematic diagram of a software application anchored to a hardware circuit according to another exemplary embodiment of the invention;
Fig. 13 is a schematic diagram of a CMAC function for creating a software application anchored to a hardware circuit according to an exemplary embodiment of the invention;
Fig. 14 is a schematic diagram of an encryption function as used in a hardware circuit according to an exemplary embodiment of the invention.
Detailed description
The invention enables a software application to be executed in a hardware device while preventing execution of the application, or of a binary copy of the application, in another hardware device. Challenge data originating from the software application is input to a hardware circuit of the hardware device. The challenge data comprises runtime data, such as state information or parameter values of the application when executed in the processing unit. Alternatively, the challenge data comprises at least a part of the software image of the application itself. The hardware circuit processes the challenge data using a deterministic function, which is preferably uniquely defined for the particular hardware circuit, and returns response data for further processing by the software application.
The hardware circuit can be implemented using various techniques. It can, for example, be implemented as a network of transistors on a chip. Another example is an implementation in software on a separate microcontroller on the same chip or in an isolated process. Another example is an implementation in a software process that uses a cryptographic coprocessor. Another example is the use of a node locking chip on the same printed circuit board (PCB) but outside the main chip containing the CPU. It is to be understood that the implementation of the hardware circuit is not limited to these examples, and that other known techniques may be used to implement a hardware circuit that can be configured to perform a deterministic function.
A deterministic function differs from a non-deterministic function such as a PUF. A deterministic function typically returns the same result any time it is called with a specific set of input values. A non-deterministic function typically returns different results when it is called with a specific set of input values. Moreover, a deterministic function can typically be expressed mathematically, whereas a non-deterministic function such as a PUF cannot. It is known that the output of a PUF can be made deterministic by applying, for example, an error-correcting mechanism to the output, but this does not make the PUF itself deterministic.
Both secured and non-secured software applications can benefit from the invention, but for best results the software application is protected using e.g. software obfuscation techniques, because a non-secured software application could be modified to ignore the hardware circuit.
When a secured software application is executed, a first module of the secured software application sends runtime data as challenge data to the hardware circuit. The hardware circuit processes the challenge data using a preferably unique function and returns response data to a second module of the secured software application, which performs the inverse operation of the preferably unique function to cancel the effect of the hardware circuit. The software application is thereby effectively anchored to the hardware circuit.
When the challenge data comprises at least a part of the software image of the application itself, this challenge data is input to the hardware circuit. The hardware circuit processes the data using a preferably unique function and returns response data which, possibly after some transformation operations, is used as a decryption key to decrypt the software image. The software application is thereby effectively anchored to the hardware circuit.
The unique nature of hardware circuit and the association of output thereof are further processed and are made substantially can not on the different equipment of the equipment being intended for from it, apply by operating software.
The hardware circuit can be included in a variety of CPUs (including embedded devices), GPS and programmable I/O peripherals.
How Fig. 4 can use example of the present invention in digital TV environment if schematically showing.Be understood that and the invention is not restricted to digital TV field, but can be used for any software application to be anchored into the CPU that comprises hardware circuit.Hardware circuit allows the software that the white box of opposing is attacked to be firmly coupled to individual equipment.The present invention extends to the uniqueness of hardware circuit the software application that is effectively anchored into hardware circuit.This type of grappling software application can or for example used in PC, dull and stereotyped PC, smart phone, the Internet (cloud) server, graphics card or any other I/O equipment in for example such as the embedded device of digital TV receiver.
In the example of Fig. 4, digital TV receiver 2c receives enciphered digital TV content from headend 1, and to output device 4 output signals to show digital TV content to final user.Arrow is indicated the data stream in direction as indicated.Headend 1 is transmitted into a large amount of receiver 2c by digital TV content.Receiver 2c obtains the digital TV signal of having launched with load module 21, it is provided for content processing module 22c subsequently.Content processing module 22c is based on for example using 32 bit CPUs with the General Porcess Unit 23c(of hardware circuit 24c expansion or embedding).For the treatment of the fail-safe software of enciphered digital TV content, be applied in processing unit 23c and move.The result of contents processing is to be suitable for the signal that presents on the output device 4 such as TV machine.
Headend 1 and hardware circuit 24c are realized as and make assailant be difficult to revise or observe its operation.Normally assailant is addressable for interface between load module 21, the software of carrying out on processing unit 23c, output device 4 and module, therefore can not depend on its proper operation.
Fig. 5 shows the exemplary embodiment of the software application that is anchored into hardware circuit.A part for software application or software application is implemented as fail-safe software sequence of modules, i.e. the fail-safe software module i with 101a indication in Fig. 5 and with the fail-safe software module i+1 of 103a indication.Each fail- safe software module 101a, 103a exchange parameter and/or status information in transform domain.By application being anchored into the hardware circuit 24c of equipment, case software application is anchored into particular device.
Contrary fail-safe software module 102a and fail-safe software module i+1 103a can be implemented as the individual module of both function combinations.
In unshowned in the drawings replacement exemplary embodiment, the order of hardware circuit 24c and contrary fail-safe software module 102a is reversed.In the present embodiment, contrary fail-safe software module is carried out the function of hardware circuit 24c, and hardware circuit is carried out the function of contrary fail-safe software module 102a.In the present embodiment, contrary fail-safe software module and fail-safe software module i 101a can be implemented as the individual module of both function combinations.
Can use the existing password coprocessor for example having such as the integrated package password of AES to realize hardware circuit.Secret key hash function also referred to as message authentication code (MAC) can be used as anchor function.By unique (or can derive uniquely) secret key being placed on during the personalization of hardware circuit, in each independent chipset, to make these and other cipher function be unique.Other secret key load mechanism are also possible.Such as the MAC(CMAC based on password) the MAC function based on block encryption be suitable especially.CMAC standard is applicable to any block encryption, such as, AES for example.CMAC standard is also referred to as RFC-4493.
Following example shows the realization of the hardware anchor that uses CMAC standard.Be understood that the secret key hash function the invention is not restricted to such as CMAC, and the invention is not restricted to AES block encryption.
Fig. 6 shows an example flow chart of the CMAC computation for a b-bit message M, where b is the block size of the cipher and message M has a length of b bits. The output of the CMAC is called the tag T. Because a block cipher is used as the basic building block, the tag T is also b bits in size. Using the addition function, message M is added to a key-dependent value $V_1$, and the result is then encrypted under key K with the encryption function.
If the message block is shorter than b bits, the message is padded as shown in Fig. 7. The padding is indicated by 10...0. In this case a different key-dependent value, $V_2$, is used.
With reference to Fig. 8, to compute the CMAC for an input message M of arbitrary length, the message is first divided into message blocks $M_i$ of length b. In the example of Fig. 8, message M has a length of l × b bits, so message M is divided into message blocks $M_1, M_2, \ldots, M_l$. Each block $M_i$ is encrypted under the same key K with the selected block cipher, and the output of the encryption function is added to the next message block. For the last block $M_l$, the key-dependent value $V_1$ is also added before this encryption.
If the length of message M is not an exact multiple of b, the last message block $M_l$ is padded as shown in Fig. 7. In this case the key-dependent value $V_2$ is used instead of $V_1$.
The derivation of $V_1$ and $V_2$ is defined as follows, where '$\mathrm{Encrypt}_K$' denotes encryption with key K (for example, AES-128 encryption), '$0^b$' denotes the all-zero vector of b bits, 'MSB' denotes the most significant bit, '<<' denotes a bit rotation to the left, and the addition symbol denotes XOR.
In step 1, AES-128 with key K is applied to the all-zero input block; the result is the value L used in the following steps. In step 2, $V_1$ is derived as follows: if the most significant bit of L equals 0, $V_1$ is L shifted left by 1 bit. Otherwise, $V_1$ is the XOR of $R_b$ with L shifted left by 1 bit. In step 3, $V_2$ is derived as follows: if the most significant bit of $V_1$ equals 0, $V_2$ is $V_1$ shifted left by 1 bit. Otherwise, $V_2$ is the XOR of $R_b$ with $V_1$ shifted left by 1 bit. Here, $R_b$ is a constant predefined in the CMAC standard. For example, for b = 128, $R_{128} = 0^{120}10000111$.
Because $V_1$ and $V_2$ depend only on key K, they can be precomputed once and then used for many CMAC computations. $V_1$ and $V_2$ can, for example, be stored in non-volatile memory, or computed once on first use.
Key K must be securely available to the hardware circuit that implements the cryptographic function, for example the CMAC function. It will be understood that the invention is not limited to the following examples, and that other solutions can be used to make key K securely available to the hardware circuit.
Key K can be implemented as an additional key personalized in silicon. Alternatively, key K can be derived in some way from an existing chipset unique key (CSUK), for example by using a Davies-Meyer type construction. Alternatively, key K can be provided to the hardware circuit using a key ladder solution known from securely delivering control words to a descrambler module with a session key, the key ladder optionally being adapted to deliver key K securely to the hardware circuit. Alternatively, a key transport protocol can be used as disclosed in the applicant's co-pending patent application entitled "Key Transport Protocol" with reference number 15464, which is incorporated herein by reference in its entirety.
The key transport protocol enables a sender to send a key loading message to a receiver. The key is then loaded onto the receiver. To create the key loading message, the sender first generates a virtual key, expressed as . Second, the sender protects the virtual key in order to protect its authenticity and confidentiality, thereby producing a secured virtual key. The secured virtual key is then transmitted from the sender to the receiver as part of the key loading message. The virtual key can be encrypted using a public key associated with the receiver. The secured virtual key can be created by adding a signature using a secret key associated with the sender. The virtual key generated by the sender and the signature verification key associated with the sender are used as inputs to a cryptographic function to produce an output. The cryptographic function is typically a part of the cryptographic function of the hardware circuit. The output comprises key K.
Figure 14 shows an example flow chart for computing the output value T of a b-bit message M; it is a simplified version of the example of Fig. 6. The encryption function is used directly to encrypt the b-bit message M under key K. A great advantage of this variant is that, by using memory-to-memory encryption with a standard key ladder, it can be supported on existing silicon. It may be less flexible, however, because it cannot process inputs of arbitrary length.
In the following example, the security of the software application is anchored to the hardware circuit using look-up tables as used, for example, in AES cryptography. The hardware circuit anchor is implemented using CMAC and an AES cryptographic coprocessor. The invention is not limited to AES; any other block cipher can be used in the cryptographic coprocessor.
Software obfuscation is typically implemented as a sequence of look-up tables for a cryptographic function. With reference to Fig. 5, in this example hardware anchor 24c is implemented as an additional look-up table between two "regular" secured software tables 101a and 103a. This effectively binds the secured software uniquely to the hardware.
Secured software table i 101a and secured software table i+1 103a represent a part of the secured software application that is anchored to the hardware. The output of secured software table i 101a is used as challenge data for hardware anchor 24c, which provides a wider output. In this example, the response data from secured software table i 101a is 8 bits and the output of hardware anchor 24c is 128 bits. Secured software table i+1 103a of the secured software implementation is extended with inverse secured software table 102a, which transforms the wide output of anchor 24c back to the expected input.
Inverse secured software table 102a and secured software table i+1 103a are preferably integrated to obtain a high level of obfuscation.
Each secured software application is personalized according to the coupled hardware circuit 24c, which contains the unique hardware key K. A batch of hardware circuits can also be given the same key. This reduces the number of unique implementations.
When hardware anchor 24c has an 8-bit input and a 128-bit output, inverse table 102a has a table size of $2^{128} \times 8$ bits.
A shorter output T can be produced with CMAC, for example by using the 32 most significant bits rather than the full 128 bits. This results in a smaller inverse table 102a, namely an inverse table size of $2^{32} \times 8$ bits (≈ 4096 megabytes) in the above example. Even smaller inverse table sizes can be obtained with even shorter outputs. The following table shows the table size for different output sizes (in bits) and an 8-bit input.
Input (bits) | Output (bits) | Table size |
---|---|---|
8 | 10 | $2^{10} \times 8$ bits ≈ 1 kilobyte |
8 | 12 | $2^{12} \times 8$ bits ≈ 4 kilobytes |
8 | 14 | $2^{14} \times 8$ bits ≈ 16 kilobytes |
8 | 16 | $2^{16} \times 8$ bits ≈ 64 kilobytes |
8 | 32 | $2^{32} \times 8$ bits ≈ 4096 megabytes |
Inverse table 102a can be optimized. For an 8-bit input there are only $2^8$ possible (128-bit) output vectors. This means that inverse table 102a only needs to contain those 128-bit vectors together with their original 8-bit inputs. The inverse table size then becomes $2^8 \times (128+8)$ bits, or approximately 4.25 kilobytes. The following table shows the table size for different input sizes (in bits) and a 128-bit output.
Input (bits) | Output (bits) | Table size |
---|---|---|
8 | 128 | $2^{8} \times (128+8)$ bits ≈ 4 kilobytes |
10 | 128 | $2^{10} \times (128+10)$ bits ≈ 17 kilobytes |
12 | 128 | $2^{12} \times (128+12)$ bits ≈ 70 kilobytes |
14 | 128 | $2^{14} \times (128+14)$ bits ≈ 284 kilobytes |
16 | 128 | $2^{16} \times (128+16)$ bits ≈ 1152 kilobytes |
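The optimized inverse table described above, as an added example that is not part of the patent text: it builds the $2^8$-entry table for one device key, reproduces the table sizes given above, and shows that truncating the response too far makes the anchor function non-invertible over the input domain. HMAC-SHA-256 truncated to 128 bits stands in for the hardware CMAC circuit so the code needs only the standard library; the function names and both device keys are constructed assumptions.

```python
import hashlib
import hmac

def anchor(device_key, challenge, out_bits=128):
    """Stand-in for hardware anchor 24c: keyed MAC over the challenge,
    keeping only the out_bits most significant bits of a 128-bit response."""
    msg = challenge.to_bytes(2, "big")
    tag = hmac.new(device_key, msg, hashlib.sha256).digest()[:16]
    return int.from_bytes(tag, "big") >> (128 - out_bits)

def build_inverse_table(device_key, in_bits=8, out_bits=128):
    """Optimized inverse table 102a: one entry per possible input,
    mapping the device's response back to the original input."""
    table = {}
    for value in range(1 << in_bits):
        response = anchor(device_key, value, out_bits)
        if response in table:
            # Two inputs share a response: the inverse is ambiguous, so this
            # output width cannot be used with this key and input size.
            raise ValueError(
                f"inputs {table[response]} and {value} collide at {out_bits} bits")
        table[response] = value
    return table

def table_bits_full(in_bits, out_bits):
    """Size of a table indexed by every possible response: 2^out x in bits."""
    return (1 << out_bits) * in_bits

def table_bits_optimised(in_bits, out_bits):
    """Size of a table holding only reachable responses: 2^in x (out + in) bits."""
    return (1 << in_bits) * (out_bits + in_bits)

def run_anchored(device_key, inverse_table, value, out_bits=128):
    """Table i output -> hardware anchor -> inverse table -> table i+1 input.
    Returns None when the response is not one the software was built for."""
    return inverse_table.get(anchor(device_key, value, out_bits))

# Constructed sample keys: the software is personalized for device A only.
KEY_A = b"constructed device key A"
KEY_B = b"constructed device key B"

if __name__ == "__main__":
    table = build_inverse_table(KEY_A)
    print("optimized table:", table_bits_optimised(8, 128) // 8, "bytes")
    print("device A recovers 0x5a:", run_anchored(KEY_A, table, 0x5A))
    print("device B recovers 0x5a:", run_anchored(KEY_B, table, 0x5A))
    try:
        build_inverse_table(KEY_A, out_bits=10)
    except ValueError as exc:
        print("10-bit response rejected:", exc)
```

With 256 inputs mapped into only $2^{10}$ possible responses a collision is practically certain, so a shortened output has to be checked for uniqueness over the whole input domain before the table is generated.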
Fig. 9 shows an exemplary embodiment of an obfuscated software application comprising secured software parts anchored to hardware circuit 24d, which is used at runtime. Arrows indicate data flow.
The original secured software application, consisting of first part 101b and second part 103b, is split at an arbitrary point. At this point, execution of first part 101b of the original secured software application stops, b = 128 bits of its output are extracted (in the case of AES in hardware anchor 24d) and fed as challenge data to hardware anchor 24d. The remainder of the output of the original secured software application is left as is; it is shown as arrow 104. To invert the response data of hardware anchor 24d, an inverse fixed-key secured software module 102b is used instead of a look-up table as shown in Fig. 5. After this process, execution continues in second part 103b of the original secured software application with the output of first part 101b as reconstructed by inverse fixed-key secured software module 102b, combined with the remainder of internal state 104.
To increase security, the transformation space between first part 101b and hardware anchor 24d is preferably different from the transformation space between inverse fixed-key secured software module 102b and second part 103b.
Figure 10 shows an alternative exemplary embodiment of an obfuscated software application comprising secured software parts anchored to hardware circuit 24d, which is used at runtime. Arrows indicate data flow.
The original secured software application, consisting of first secured software part 101b and second secured software part 103b, is split at an arbitrary point. At this point, execution of first secured software part 101b of the original secured software application stops, and its state is extracted and input as challenge data to hardware anchor 24d. The state is also input to software CMAC secured software module 105. To invert the response data of hardware anchor 24d, a property dependent transformation (PDT) module 102c or any other known comparison mechanism is used, which compares the output of CMAC secured software module 105 with the response data of hardware anchor 24d. After this process, execution continues in second part 103b of the original secured software application using the state of first part 101b received from PDT module 102c.
An advantage of the example of Fig. 10 is that a state vector of any size can be processed as input. To do so, the entire CMAC construction of Fig. 8 is incorporated in CMAC secured software module 105, which repeatedly invokes a secured software encryption module, just like hardware circuit 24d.
Finally, CMAC secured software module 105 and hardware circuit 24d have both computed the tag T. To compare the results, a property dependent transformation (PDT) or another comparison mechanism is used.
It will be understood that the state fed as challenge data to hardware circuit 24d can be in transformed form. There is no need for the hardware to learn the plain (untransformed) value.
Figure 11 shows an exemplary embodiment that enables secure transmission or storage of a (secured) software application in encrypted form, wherein hardware circuit 24e is used to compute a decryption key, unique to the software application, for decrypting the encrypted part of the software application.
The software application comprises loader code part 101c and encrypted software part 103c, and is created for use on a particular device having hardware circuit 24e. The software application is, for example, downloaded or purchased from an application store.
Part or all of loader code 101c is input as challenge data to hardware anchor 24d. The resulting device-unique response data is used as the decryption key for decrypting encrypted software part 103c. When an AES coprocessor is used as in the preceding exemplary embodiments, the decryption key is a 128-bit value.
Figure 12 shows an alternative exemplary embodiment that enables secure transmission or storage of a software application in encrypted form, wherein hardware circuit 24e is used to compute a decryption key, unique to the software application, for decrypting the encrypted part of the software application.
The software application comprises loader code part 106 and encrypted software part 103c, and is created for use on a particular device having hardware circuit 24e. Random data block 107 is a part of encrypted software part 103c and makes encrypted software part 103c unique.
Part or all of encrypted software part 103c is input to hardware circuit 24d. When an AES coprocessor is used as in the preceding exemplary embodiments, the decryption key is a 128-bit value.
Random data block 107 in encrypted software part 103c can be created by the provider of the encrypted software application as follows. First an encryption key is chosen at random; the (ciphertext) value of random data block 107 is then set such that this key is the value returned.
Figure 13 shows an example of the computation of random data block 107 by the provider. As an example, assume that the second block $C_2$ of the software application is used as random data block 107, with arbitrary ciphertext blocks inserted and key T selected. It will be understood that any block, and several blocks, can be used as random data block 107.
The first block $C_1$ is processed in the same way as block $M_1$ in Fig. 8. For the other blocks $C_2 \ldots C_l$ the computation is reversed compared with Fig. 8: first key T (used for the software encryption) is decrypted with hardware anchor key K, and the result is added to the key-dependent value $V_1$ and the last block of the encrypted software. The result is decrypted again and added to the preceding block of the encrypted software, and so on. In this way the two computations meet and are added to produce the "missing" block $C_2$. The block $C_2$ computed in this way is inserted as random data block 107 into encrypted software part 103c.
The correct decryption key can be derived by an end-user device having hardware circuit 24d configured with hardware anchor key K.
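The CMAC construction of Figs. 6 to 8 and the provider's computation of Fig. 13, carried through as an added example that is not part of the patent text: it derives $V_1$ and $V_2$, computes the tag, and solves for the block that makes the tag over the encrypted image equal the chosen key T. An 8-round Feistel network over SHA-256 stands in for AES so the code runs with the standard library only; the function names, keys and image blocks are constructed assumptions, and the replaced block may be at any index, which generalizes the $C_2$ case in the text.

```python
import hashlib

B = 16        # block size in bytes (b = 128 bits)
R_B = 0x87    # R_128 = 0^120 10000111

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key, rnd, half):
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def encrypt(key, block):
    """Stand-in 128-bit block cipher (Feistel network), used in place of AES."""
    l, r = block[:8], block[8:]
    for rnd in range(8):
        l, r = r, xor(l, _round(key, rnd, r))
    return l + r

def decrypt(key, block):
    l, r = block[:8], block[8:]
    for rnd in reversed(range(8)):
        l, r = xor(r, _round(key, rnd, l)), l
    return l + r

def _double(block):
    """Shift left by one bit; XOR with R_b if the MSB that fell off was 1."""
    n = int.from_bytes(block, "big") << 1
    if n >> 128:
        n = (n & ((1 << 128) - 1)) ^ R_B
    return n.to_bytes(B, "big")

def subkeys(key):
    big_l = encrypt(key, bytes(B))   # step 1: encrypt the all-zero block
    v1 = _double(big_l)              # step 2
    return v1, _double(v1)           # step 3 gives V_2

def cmac(key, msg):
    v1, v2 = subkeys(key)
    blocks = [msg[i:i + B] for i in range(0, len(msg), B)] or [b""]
    last = blocks.pop()
    if len(last) == B:
        last = xor(last, v1)                                   # complete block
    else:
        last = xor(last + b"\x80" + bytes(B - len(last) - 1), v2)  # 10...0 pad
    state = bytes(B)
    for blk in blocks:
        state = encrypt(key, xor(state, blk))
    return encrypt(key, xor(state, last))

def solve_block(key, blocks, j, tag):
    """Value for blocks[j] such that cmac(key, image) == tag.
    All blocks are B bytes long; the current content of blocks[j] is ignored."""
    v1, _ = subkeys(key)
    fwd = bytes(B)
    for blk in blocks[:j]:                     # forward chain up to block j
        fwd = encrypt(key, xor(fwd, blk))
    back = xor(decrypt(key, tag), v1)          # input of the last encryption
    for i in range(len(blocks) - 1, j, -1):    # backward chain down to block j
        back = decrypt(key, xor(back, blocks[i]))
    return xor(back, fwd)                      # the two computations meet

def insert_random_block(key, blocks, j, tag):
    out = list(blocks)
    out[j] = solve_block(key, blocks, j, tag)
    return b"".join(out)

# Constructed sample values: anchor key K, software key T, 5 ciphertext blocks.
KEY_K = hashlib.sha256(b"constructed anchor key K").digest()[:B]
KEY_T = hashlib.sha256(b"constructed software key T").digest()[:B]
IMAGE = [hashlib.sha256(b"ciphertext block %d" % i).digest()[:B] for i in range(5)]

if __name__ == "__main__":
    image = insert_random_block(KEY_K, IMAGE, 1, KEY_T)   # replace C_2
    print("device with K derives T:", cmac(KEY_K, image) == KEY_T)
    print("device with another key:", cmac(bytes(B), image) == KEY_T)
```

Only a device whose circuit holds K computes T from the image; the provider needs the decryption direction of the block cipher, the device only the encryption direction.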
It will be understood that the runtime protection shown in Figs. 9 and 10 can be applied in combination with the decryption key protection shown in Figs. 11 and 12.
In the exemplary embodiments shown in Figs. 5, 9 and 10, hardware circuits 24c, 24d and inverse modules 102a, 102b, 102c are used between two parts of the software application. It will be understood that the hardware circuit and inverse module can also be used at the beginning or at the end of the software application. If located at the very beginning, for example the first input to the software application is used as challenge data. If located at the very end, for example the last output of the software application is used as challenge data.
An embodiment of the invention can be implemented as a program product for use with a computer system. The program(s) of the program product define functions of the embodiments (including the methods described herein) and can be embodied on a variety of non-transitory computer-readable storage media. Illustrative computer-readable storage media include, but are not limited to: (i) non-writable storage media (for example, read-only memory devices within a computer, such as CD-ROM disks readable by a CD-ROM drive, ROM chips or any type of solid-state non-volatile semiconductor memory) on which information is permanently stored; and (ii) writable storage media (for example, flash memory, floppy disks within a diskette drive or hard-disk drive, or any type of solid-state random-access semiconductor memory) on which alterable information is stored.
Claims (20)
1. A computer-implemented method for enabling a software application to be executed on a hardware device in dependence on a hardware circuit of the hardware device, the method comprising:
inputting challenge data originating from the software application to the hardware circuit of the hardware device, wherein the hardware circuit is configured to perform a deterministic function;
generating response data using the function, with the challenge data as input to the function; and
using the response data to manipulate at least a part of the software application so as to enable the software application to be executed.
2. The method according to claim 1, wherein the function is unique to one or more hardware circuits.
3. The method according to claim 1 or claim 2, wherein the function is a cryptographic function.
4. The method according to claim 3, wherein the cryptographic function uses a key that is one of a key preconfigured in a memory of the hardware circuit and a key derived from a unique key preconfigured in a memory of the hardware circuit.
5. The method according to claim 4, wherein the cryptographic function uses a key derived from a key loading message received from an external source.
6. The method according to claim 5, wherein the key loading mechanism is unique to the hardware device.
7. The method according to any one of claims 1-6, wherein the software application comprises a first secured software part, a second secured software part and an inverse module configured to perform an inverse function to invert the function of the hardware circuit, wherein the challenge data comprises at least a part of the runtime data of the software application at the end of the first secured software part when executed in a processing unit, and wherein using the response data comprises:
inputting the response data to the inverse function in the inverse module to obtain inverse response data, wherein the inverse response data equals the challenge data if the inverse function in the inverse module matches the function in the hardware circuit; and
providing the inverse response data to the second secured software part for further execution of the software application.
8. The method according to claim 7, wherein the first secured software part comprises a first part of a cryptographic function, wherein the second secured software part comprises a second part of the cryptographic function, and wherein the runtime data represents an intermediate result of the cryptographic function output by the first part of the cryptographic function.
9. The method according to claim 7, wherein the function in the hardware circuit comprises a fixed-key cryptographic function configured to use a fixed key, and wherein the inverse function comprises an inverse fixed-key cryptographic function configured to use the fixed key.
10. The method according to claim 7, wherein the software application further comprises a secured software module configured to perform a further function identical to the function in the hardware circuit, the method further comprising:
inputting the challenge data to the secured software module;
generating further response data from the further function using the challenge data input to the further function; and
inputting the further response data to the inverse function in the inverse module to obtain further inverse response data, wherein the further inverse response data equals the challenge data if the inverse function in the inverse module matches the further function in the secured software module,
and wherein the inverse function comprises a comparison function to compare the response data with the further response data.
11. The method according to any one of claims 7-10, wherein the order of the hardware circuit and the inverse module is reversed, wherein the hardware circuit is configured to perform the inverse function, and wherein the inverse module is configured to perform the deterministic function.
12. The method according to any one of claims 1-6, wherein the software application is an encrypted software application, wherein the challenge data comprises at least a part of the software image of the software application, and wherein using the response data comprises:
using the response data as a decryption key to decrypt at least a part of the encrypted software application.
13. A computer-implemented method for adding a random data block to an encrypted software application, the method comprising:
dividing the software image of the encrypted software application into blocks of equal length;
determining a replacement block, the replacement block being the one of the blocks that is to be replaced by the random data block;
applying a block-cipher-based message authentication code (CMAC) function to each block up to the replacement block;
applying an inverse block-cipher-based message authentication code (CMAC) function to each block, starting from the last block, down to the block following the replacement block, wherein the tag T equals the encryption key used to encrypt the encrypted software, wherein the tag T is decrypted with CMAC key K, wherein the decrypted tag T is added to the CMAC key-dependent value $V_1$ to obtain an intermediate result, wherein the intermediate result is decrypted with the last block using CMAC key K, wherein the decrypted intermediate result is added to the preceding block to obtain a further intermediate result, and the decryption and addition of further intermediate results is repeated until the replacement block;
adding the last result of the block-cipher-based message authentication code (CMAC) function and the last result of the inverse block-cipher-based message authentication code (CMAC) function to obtain the random data block; and
replacing the replacement block with the random data block, wherein the CMAC key K corresponds to a further CMAC key K in the hardware circuit of a hardware device.
14. A hardware circuit for enabling a software application to be executed, in dependence on the hardware circuit, on a hardware device comprising the hardware circuit, wherein the hardware circuit is configured to perform a deterministic function that uses challenge data originating from the software application as input to the function to generate response data for manipulating at least a part of the software application so as to enable the software application to be executed.
15. The hardware circuit according to claim 14, wherein the function is unique to one or more hardware circuits of each hardware device so that the software application can be executed on each hardware device.
16. The hardware circuit according to claim 14 or claim 15, wherein the function is a cryptographic function using a key, the key being one of the following:
a key preconfigured in a memory of the hardware circuit,
a key derived from a unique key preconfigured in a memory of the hardware circuit, and
a key derived from a key loading message received from an external source.
17. The hardware circuit according to any one of claims 14-16, wherein the hardware circuit is embedded in a CPU, a GPU and a programmable I/O peripheral.
18. A hardware device comprising a hardware circuit according to any one of claims 14-17.
19. The hardware device according to claim 18, wherein the hardware device is one of a digital TV receiver, a PC, a tablet PC, a smartphone, an Internet (cloud) server and a graphics card.
20. A software application which, when executed by a processor, is adapted to manipulate at least a part of the software application by using response data so as to enable the software application to be executed in dependence on a hardware circuit of a hardware device, the response data being generated using a deterministic function in the hardware circuit with challenge data as input to the function, wherein the challenge data originates from the software application.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP11160420.3 | 2011-03-30 | ||
EP11160420.3A EP2506174B1 (en) | 2011-03-30 | 2011-03-30 | Enabling a software application to be executed on a hardware device |
PCT/EP2012/054826 WO2012130658A1 (en) | 2011-03-30 | 2012-03-19 | Enabling a software application to be executed on a hardware device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103608820A true CN103608820A (en) | 2014-02-26 |
CN103608820B CN103608820B (en) | 2017-05-03 |
Family
ID=44146285
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201280026330.7A Expired - Fee Related CN103608820B (en) | 2011-03-30 | 2012-03-19 | Computer realizing method and hardware for enabling a software application to be executed on a hardware device |
Country Status (6)
Country | Link |
---|---|
US (2) | US9910970B2 (en) |
EP (2) | EP2506174B1 (en) |
CN (1) | CN103608820B (en) |
AU (1) | AU2012234508B2 (en) |
CA (2) | CA3179648A1 (en) |
WO (1) | WO2012130658A1 (en) |
US6523119B2 (en) * | 1996-12-04 | 2003-02-18 | Rainbow Technologies, Inc. | Software protection device and method |
US6363486B1 (en) * | 1998-06-05 | 2002-03-26 | Intel Corporation | Method of controlling usage of software components |
US7243236B1 (en) * | 1999-07-29 | 2007-07-10 | Intertrust Technologies Corp. | Systems and methods for using cryptography to protect secure and insecure computing environments |
US6792528B1 (en) * | 2000-05-17 | 2004-09-14 | Chien-Tzu Hou | Method and apparatus for securing data contents of a non-volatile memory device |
US7111167B1 (en) * | 2000-06-30 | 2006-09-19 | Intel Corporation | Digital watermarks with values derived from remote platforms |
CA2327911A1 (en) * | 2000-12-08 | 2002-06-08 | Cloakware Corporation | Obscuring functions in computer software |
US7117376B2 (en) * | 2000-12-28 | 2006-10-03 | Intel Corporation | Platform and method of creating a secure boot that enforces proper user authentication and enforces hardware configurations |
US7418737B2 (en) * | 2001-06-13 | 2008-08-26 | Mcafee, Inc. | Encrypted data file transmission |
US20040218762A1 (en) * | 2003-04-29 | 2004-11-04 | Eric Le Saint | Universal secure messaging for cryptographic modules |
US7111285B2 (en) * | 2001-07-17 | 2006-09-19 | Liquid Machines, Inc. | Method and system for protecting software applications against static and dynamic software piracy techniques |
FR2834361B1 (en) * | 2001-12-28 | 2004-02-27 | Bull Sa | DATA SECURITY MODULE BY ENCRYPTION / DECRYPTION AND / OR SIGNATURE / VERIFICATION OF SIGNATURE |
JP2003280754A (en) * | 2002-03-25 | 2003-10-02 | Nec Corp | Hidden source program, source program converting method and device and source converting program |
US6880149B2 (en) * | 2002-04-01 | 2005-04-12 | Pace Anti-Piracy | Method for runtime code integrity validation using code block checksums |
US8438392B2 (en) * | 2002-06-20 | 2013-05-07 | Krimmeni Technologies, Inc. | Method and system for control of code execution on a general purpose computing device and control of code execution in a recursive security protocol |
KR100974448B1 (en) * | 2003-04-24 | 2010-08-10 | 엘지전자 주식회사 | Method for managing a copy protection information of optical disc |
GB0311208D0 (en) * | 2003-05-15 | 2003-06-18 | British Telecomm | Feature based caricaturing |
US7091887B2 (en) * | 2004-04-28 | 2006-08-15 | Kabushiki Kaisha Toshiba | Modulator, modulation method, and method of manufacturing an optical recordable medium with enhanced security for confidential information |
US7702927B2 (en) * | 2004-11-12 | 2010-04-20 | Verayo, Inc. | Securely field configurable device |
US7818585B2 (en) * | 2004-12-22 | 2010-10-19 | Sap Aktiengesellschaft | Secure license management |
WO2006115219A1 (en) * | 2005-04-21 | 2006-11-02 | Matsushita Electric Industrial Co., Ltd. | Program illegiblizing device and method |
US8295492B2 (en) * | 2005-06-27 | 2012-10-23 | Wells Fargo Bank, N.A. | Automated key management system |
US8051299B2 (en) * | 2006-03-20 | 2011-11-01 | Hewlett-Packard Development Company, L.P. | Computer security method and computer system |
RU2296363C1 (en) * | 2006-04-27 | 2007-03-27 | Общество с ограниченной ответственностью "АСТРОМА" | Method and device for protecting software from unsanctioned usage |
US20080077805A1 (en) * | 2006-09-26 | 2008-03-27 | Catherman Ryan C | Securing Data Exchanged in Memory |
US7886162B2 (en) * | 2007-05-29 | 2011-02-08 | International Business Machines Corporation | Cryptographic secure program overlays |
US8887270B2 (en) * | 2007-11-12 | 2014-11-11 | Micron Technology, Inc. | Smart storage device |
DE102009002396A1 (en) * | 2009-04-15 | 2010-10-21 | Robert Bosch Gmbh | Method for manipulation protection of a sensor and sensor data of the sensor and a sensor for this purpose |
US20110091035A1 (en) * | 2009-10-20 | 2011-04-21 | Sun Microsystems, Inc. | Hardware kasumi cypher with hybrid software interface |
US8336771B2 (en) * | 2010-04-27 | 2012-12-25 | BBPOS Limited | Payment card terminal dongle for communications devices |
US8971535B2 (en) * | 2010-05-27 | 2015-03-03 | Bladelogic, Inc. | Multi-level key management |
EP2461534A1 (en) | 2010-12-01 | 2012-06-06 | Irdeto B.V. | Control word protection |
EP2506174B1 (en) | 2011-03-30 | 2019-01-09 | Irdeto B.V. | Enabling a software application to be executed on a hardware device |
- 2011
  - 2011-03-30: EP application EP11160420.3A (EP2506174B1), Active
  - 2011-03-30: EP application EP18212335.6A (EP3518128B1), Active
- 2012
  - 2012-03-19: US application US14/008,419 (US9910970B2), Active
  - 2012-03-19: CA application CA3179648A (CA3179648A1), Pending
  - 2012-03-19: AU application AU2012234508A (AU2012234508B2), Expired - Fee Related
  - 2012-03-19: CA application CA2831457A (CA2831457C), Active
  - 2012-03-19: WO application PCT/EP2012/054826 (WO2012130658A1), Application Filing
  - 2012-03-19: CN application CN201280026330.7A (CN103608820B), Expired - Fee Related
- 2018
  - 2018-01-19: US application US15/874,930 (US10552588B2), Active
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105404794A (en) * | 2014-09-04 | 2016-03-16 | 腾讯科技(深圳)有限公司 | Protection method and device of Java application software |
CN105404794B (en) * | 2014-09-04 | 2019-09-20 | 腾讯科技(深圳)有限公司 | The guard method of Java application software and device |
CN107836081A (en) * | 2015-07-15 | 2018-03-23 | 西门子公司 | Equipment for producing method and apparatus that equipment specifically identifies and including personalized programmable circuit module |
Also Published As
Publication number | Publication date |
---|---|
WO2012130658A1 (en) | 2012-10-04 |
EP3518128A1 (en) | 2019-07-31 |
CA3179648A1 (en) | 2012-10-04 |
AU2012234508A1 (en) | 2013-10-31 |
EP3518128B1 (en) | 2021-04-28 |
CA2831457A1 (en) | 2012-10-04 |
US20180232502A1 (en) | 2018-08-16 |
CA2831457C (en) | 2023-01-24 |
US9910970B2 (en) | 2018-03-06 |
CN103608820B (en) | 2017-05-03 |
US20140229744A1 (en) | 2014-08-14 |
EP2506174B1 (en) | 2019-01-09 |
EP2506174A1 (en) | 2012-10-03 |
US10552588B2 (en) | 2020-02-04 |
AU2012234508B2 (en) | 2017-07-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103608820B (en) | Computer realizing method and hardware for enabling a software application to be executed on a hardware device | |
CN100592683C (en) | Protected return path from digital rights management dongle | |
EP2491510B1 (en) | Distribution system and method for distributing digital information | |
CN101790865B (en) | Updating cryptographic key data | |
US10853497B2 (en) | Method and system for providing an update of code on a memory-constrained device | |
US20200374100A1 (en) | Cryptography device having secure provision of random number sequences | |
JP6517436B2 (en) | Encryption device and encoding device | |
CN110490008B (en) | Security device and security chip | |
CN103532707A (en) | System and method for defining programmable processing steps applied when protecting the data | |
CN102238430B (en) | Personalized whitebox descramblers | |
TWI517653B (en) | An electronic device and method for cryptographic material provisioning | |
US8392723B2 (en) | Information processing apparatus and computer readable medium for preventing unauthorized operation of a program | |
US9571273B2 (en) | Method and system for the accelerated decryption of cryptographically protected user data units | |
CN108667598B (en) | Device and method for realizing secure key exchange and secure key exchange method | |
CN101681408B (en) | Data security | |
WO2020044748A1 (en) | Device for configuring id-based hash proof system, id-based encryption device, method for configuring id-based hash proof system, and program | |
JP6888122B2 (en) | Semiconductor device, update data provision method, update data reception method and program | |
CN103250372B (en) | Obtaining a control word to reveal a client device identity | |
US11283632B2 (en) | Integrated circuit, control device, information distribution method, and information distribution system | |
US11061996B2 (en) | Intrinsic authentication of program code | |
US20230275745A1 (en) | Device, method and program for secure communication between white boxes | |
JP2009271884A (en) | Information processor and information processing program | |
CN111917698A (en) | Data sharing device and data sharing method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C53 | Correction of patent of invention or patent application | ||
CB02 | Change of applicant information | Address after: Holland Hoofddorp; Applicant after: Ai Dide Technology Co., Ltd.; Address before: Holland Hoofddorp; Applicant before: Irdeto B.V. |
COR | Change of bibliographic data | Free format text: CORRECT: ADDRESS; FROM: Free format text: CORRECT: APPLICANT; FROM: IRDETO B.V. TO: IRDETO B. V. |
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20170503; Termination date: 20210319 |